Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Site-to-site vpn with internet access

Hi,

im configuring a vpn tunnel between 2 sites over an adsl line. Could anyone tell me how this would change both site's internet access ability?

since the vpn uses the internet link to become a point-to-point link between the two sites, how will the users reach the internet? will this vpn tunnel stop internet access, or am i just over complicating things?

4 REPLIES
Green

Re: Site-to-site vpn with internet access

The configuration of the tunnel will determine which traffic is encrypted across it. The traffic which is not defined will be free to go to the internet unencrypted.

New Member

Re: Site-to-site vpn with internet access

ok, but what if the whole network needed to traverse the tunnel and still be able to access the internet?

or are you just saying i have to make really intricate ACLs?

Green

Re: Site-to-site vpn with internet access

Just define the traffic you want to traverse the tunnel, all other traffic will go out to the internet. Let's say the network that needs to traverse the tunnel is 192.168.1.0 and the remote network being tunneled to is 192.168.2.0. Then the acl defining interesting traffic would simply be.

access-list crypto extended permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0

New Member

Re: Site-to-site vpn with internet access

Thank you very much. this has helped me a great deal!

now let me get to it!

132
Views
0
Helpful
4
Replies